| Jani Taskinen 2007-08-30, 8:01 am |
| jani Thu Aug 30 09:34:45 2007 UTC
Modified files:
/php-bugs-web bug.php
Log:
- Bogus is BOGUS. No more insults, thankyouverymuch.
http://cvs.php.net/viewvc.cgi/php-b...5&diff_format=u
Index: php-bugs-web/bug.php
diff -u php-bugs-web/bug.php:1.84 php-bugs-web/bug.php:1.85
--- php-bugs-web/bug.php:1.84 Tue Feb 27 18:41:15 2007
+++ php-bugs-web/bug.php Thu Aug 30 09:34:44 2007
@@ -54,10 +54,17 @@
$self = strip_tags($PHP_SELF);
+/* Is trusted ? */
+if (in_array($user, $trusted_developers) && verify_password($user,stripslashes($pw))
) {
+ $is_trusted = true;
+} else {
+ $is_trusted = true;
+}
+
# Delete comment
if ($edit == 1 && isset($delete_comment)) {
$addon = '';
- if (in_array($user, $trusted_developers) && verify_password($user,stripslashes($pw))
) {
+ if ($is_trusted) {
delete_comment($id, $delete_comment);
$addon = '&thanks=1';
}
@@ -119,43 +126,49 @@
$from = stripslashes($in['commentemail']);
}
elseif ($in && $edit == 2) {
- if (!$bug['passwd'] || $bug['passwd'] != stripslashes($pw)) {
- $errors[] = "The password you supplied was incorrect.";
- }
+ # Bogus is bogus. No more comments, no re-opening by lusers.
+ if ($bug['status'] == 'Bogus') {
+ $errors[] = "You can not comment bogus reports or change their status.";
+ } else {
- $ncomment = trim($ncomment);
- if (!$ncomment) {
- $errors[] = "You must provide a comment.";
- }
- if (is_spam($ncomment)) {
- $errors[] = "Please do not SPAM our bug system.";
- }
+ if (!$bug['passwd'] || $bug['passwd'] != stripslashes($pw)) {
+ $errors[] = "The password you supplied was incorrect.";
+ }
- # check that they aren't being bad and setting a status they
- # aren't allowed to (oh, the horrors.)
- if ($in['status'] != $bug['status'] && $state_types[$in['status']] != 2) {
- $errors[] = "You aren't allowed to change a bug to that state.";
- }
+ $ncomment = trim($ncomment);
+ if (!$ncomment) {
+ $errors[] = "You must provide a comment.";
+ }
+ if (is_spam($ncomment)) {
+ $errors[] = "Please do not SPAM our bug system.";
+ }
- # check that they aren't changing the mail to a php.net address
- # (gosh, somebody might be fooled!)
- if (preg_match('/^(.+)@php\.net/i', $in['email'], $m)) {
- if ($user != $m[1] || !verify_password($user,$pass)) {
- $errors[] = "You have to be logged in as a developer to use your php.net email address.";
+ # check that they aren't being bad and setting a status they
+ # aren't allowed to (oh, the horrors.)
+ if ($in['status'] != $bug['status'] && $state_types[$in['status']] != 2) {
+ $errors[] = "You aren't allowed to change a bug to that state.";
}
- }
- $from = ($bug['email'] != $in['email'] && !empty($in['email'])) ? $in['email'] : $bug['email'];
+ # check that they aren't changing the mail to a php.net address
+ # (gosh, somebody might be fooled!)
+ if (preg_match('/^(.+)@php\.net/i', $in['email'], $m)) {
+ if ($user != $m[1] || !verify_password($user,$pass)) {
+ $errors[] = "You have to be logged in as a developer to use your php.net email address.";
+ }
+ }
- if (!$errors && !($errors = incoming_details_are_valid($in))) {
- /* update bug record */
- $query = "UPDATE bugdb SET sdesc='" . $in['sdesc'] . "',status='" . $in['status'] . "', bug_type='" . $in['bug_type'] . "', php_version='" . $in['php_version'] . "', php_os='" . $in['php_os'] . "', ts2=NOW(), email='$from' WHERE id=$id";
- $success = @mysql_query($query);
-
- /* add comment */
- if ($success && !empty($ncomment)) {
- $query = "INSERT INTO bugdb_comments (bug, email, ts, comment) VALUES ($id,'$from',NOW(),'$ncomment')";
+ $from = ($bug['email'] != $in['email'] && !empty($in['email'])) ? $in['email'] : $bug['email'];
+
+ if (!$errors && !($errors = incoming_details_are_valid($in))) {
+ /* update bug record */
+ $query = "UPDATE bugdb SET sdesc='" . $in['sdesc'] . "',status='" . $in['status'] . "', bug_type='" . $in['bug_type'] . "', php_version='" . $in['php_version'] . "', php_os='" . $in['php_os'] . "', ts2=NOW(), email='$from' WHERE id=$id";
$success = @mysql_query($query);
+
+ /* add comment */
+ if ($success && !empty($ncomment)) {
+ $query = "INSERT INTO bugdb_comments (bug, email, ts, comment) VALUES ($id,'$from',NOW(),'$ncomment')";
+ $success = @mysql_query($query);
+ }
}
}
}
@@ -532,12 +545,12 @@
function output_note($com_id, $ts, $email, $comment)
{
- global $edit, $id, $trusted_developers, $user, $self;
+ global $edit, $id, $is_trusted, $self;
echo "<a name=\"c$com_id\"></a>";
echo "<div class=\"comment\">";
echo "<b>[",format_date($ts),"] ", htmlspecialchars(spam_protect($email)), "</b>\n";
- echo ($edit == 1 && $com_id !== 0 && in_array($user, $trusted_developers)) ? "<a href=\"$self?id=$id&edit=1&delete_comment=$com_id\">[delete]</a>\n" : '';
+ echo ($edit == 1 && $com_id !== 0 && $is_trusted) ? "<a href=\"$self?id=$id&edit=1&delete_comment=$com_id\">[delete]</a>\n" : '';
echo "<pre class=\"note\">";
$note = addlinks(preg_replace("/(\r?\n){3,}/","\n\n",wordwrap($comment,72,"\n",1)));
echo preg_replace('/(bug\ *#([0-9]+))/i', "<a href=\"$self?id=\\2\">\\1</a>", $note);
|